Talk in English - US at php[tek] 2019
Track Name:
Security
View Slides: https://speakerdeck.com/ericmann/owasp-301-infrastructure-based-security
Short URL: https://joind.in/talk/510c6
(QR-Code (opens in new window))
Some of the trickier application security risks (ASRs) covered by the OWASP Top ten are focused on infrastructure and application configuration. As these risks are deeper within the production stack, they can be harder to find and address. Together, we’ll walk through each of these risks, examine how to identify them in an application or production environment, and cover actionable steps you can take today to address them with your application.
By the end of this session, you will have seen and learned to defend against:
Sensitive Data Exposure (ASR-3)
Broken Access Control (ASR-5)
Security Misconfiguration (ASR-6)
Using Components with Known Vulnerabilities (ASR-9)
Insufficient Logging & Monitoring (ASR-10)
Comments
Comments are closed.